cpe:/a:tumusika_evolution:tumusika_evolution:1.7r5 CVE-2007-6188 2007-11-29T20:46:00.000-05:00 2017-09-28T21:29:50.237-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2007-11-30T17:20:00.000-05:00 ALLOWS_OTHER_ACCESS BID 26631 BID 26632 SECUNIA 27866 OSVDB 42450 OSVDB 42451 OSVDB 42452 OSVDB 42453 EXPLOIT-DB 4674 XF tumusika-language-directory-traversal(38720) XF tumusika-scdownload-directory-traversal(38719) Multiple directory traversal vulnerabilities in TuMusika Evolution 1.7R5 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter to (1) languages_n.php, (2) languages_f.php, or (3) languages.php in inc/; and (4) allow remote attackers to read arbitrary local files via a .. (dot dot) in the uri parameter to frames/nogui/sc_download.php.